subman-nextjs/src/middleware.ts

import { NextRequest, NextResponse } from "next/server";
import { verifyJwt } from "app/api/auth/actions";

const protectedRoutes = ['/story', '/submission', '/publication']

// Function to match the * wildcard character
function matchesWildcard(path: string, pattern: string): boolean {
	if (pattern.endsWith('/*')) {
		const basePattern = pattern.slice(0, -2);
		return path.startsWith(basePattern);
	}
	return path === pattern;
}

export default async function(request: NextRequest) {
	const LOGIN = `${process.env.NEXT_PUBLIC_BASE_URL}/login?redirect=${request.nextUrl.pathname + request.nextUrl.search}`

	if (protectedRoutes.some(pattern => matchesWildcard(request.nextUrl.pathname, pattern))) {
		const token = request.cookies.get('token')

		//NOTE - may need to add logic to return 401 for api routes

		if (!token) {
			return NextResponse.redirect(LOGIN)
		}

		try {
			//decode and verify jwt cookie
			const jwtIsVerified = await verifyJwt(token.value)

			if (!jwtIsVerified) {
				//delete token
				request.cookies.delete('token')
				return NextResponse.redirect(LOGIN)
			}
		} catch {
			//delete token (failsafe)
			request.cookies.delete('token')
			return NextResponse.redirect(LOGIN)
		}

		//redirect from login if already logged in
		let redirectToApp = false
		if (request.nextUrl.pathname === "/login") {
			const token = request.cookies.get("token")
			if (token) {
				try {
					const payload = await verifyJwt(token.value)
					if (payload) {
						redirectToApp = true
					} else {
						request.cookies.delete('token')
					}
				} catch (error) {
					request.cookies.delete('token')
				}
			}
		}

		if (redirectToApp) {
			return NextResponse.redirect(`${process.env.NEXT_PUBLIC_BASE_URL}/submission`)
		} else {
			return NextResponse.next()
		}


	}
}
bcrypt fix basically webpack tries to compile it which is not good so I edited to next.config 2024-09-13 17:24:39 +00:00			`import { NextRequest, NextResponse } from "next/server";`
			`import { verifyJwt } from "app/api/auth/actions";`

			`const protectedRoutes = ['/story', '/submission', '/publication']`

			`// Function to match the * wildcard character`
			`function matchesWildcard(path: string, pattern: string): boolean {`
			`if (pattern.endsWith('/*')) {`
			`const basePattern = pattern.slice(0, -2);`
			`return path.startsWith(basePattern);`
			`}`
			`return path === pattern;`
			`}`

			`export default async function(request: NextRequest) {`
			const LOGIN = `${process.env.NEXT_PUBLIC_BASE_URL}/login?redirect=${request.nextUrl.pathname + request.nextUrl.search}`

			`if (protectedRoutes.some(pattern => matchesWildcard(request.nextUrl.pathname, pattern))) {`
			`const token = request.cookies.get('token')`

			`//NOTE - may need to add logic to return 401 for api routes`

			`if (!token) {`
			`return NextResponse.redirect(LOGIN)`
			`}`

			`try {`
			`//decode and verify jwt cookie`
			`const jwtIsVerified = await verifyJwt(token.value)`

			`if (!jwtIsVerified) {`
			`//delete token`
			`request.cookies.delete('token')`
			`return NextResponse.redirect(LOGIN)`
			`}`
			`} catch {`
			`//delete token (failsafe)`
			`request.cookies.delete('token')`
			`return NextResponse.redirect(LOGIN)`
			`}`

			`//redirect from login if already logged in`
			`let redirectToApp = false`
			`if (request.nextUrl.pathname === "/login") {`
			`const token = request.cookies.get("token")`
			`if (token) {`
			`try {`
			`const payload = await verifyJwt(token.value)`
			`if (payload) {`
			`redirectToApp = true`
			`} else {`
			`request.cookies.delete('token')`
			`}`
			`} catch (error) {`
			`request.cookies.delete('token')`
			`}`
			`}`
			`}`

			`if (redirectToApp) {`
			return NextResponse.redirect(`${process.env.NEXT_PUBLIC_BASE_URL}/submission`)
			`} else {`
			`return NextResponse.next()`
			`}`




			`}`
			`}`